One of the age-old tenets of good network security is only open network ports that are necessary and make sure you have protection around any port open to the outside world. Open ports provide attackers with an opportunity to compromise... Read More
Specops Software Blog
Division 1 College Football Teams and Mascots Keep Showing Up on Breached Password Lists
The Rambling Wreck of Georgia Tech may not have earned a single vote in the AP’s preseason college football Top 25 rankings, but when it comes to appearing on breached password lists, the prestigious university ranks #1. In conjunction with the... Read More
Why cached credentials are causing account lockouts
Active Directory user accounts can get locked out due to a number of reasons, especially when working remotely. Windows systems can cache credentials for users. Yet, cached credentials causing account lockouts is a major problem for remote users. Cached Active Directory credentials To understand the purpose of... Read More
Defending Your Network from RockYou2021
In June 2021, a large data dump was posted to a popular internet hacking forum. This dataset was termed “rockyou2021,” named after the popular password brute-force wordlist known as Rockyou.txt. Media and Twitter alike were abuzz with what to... Read More
Microsoft password expiration recommendation
Microsoft Active Directory provides built-in password policies to control various aspects of password management in the environment. One of the password configurations traditionally controlled at the password policy level is password expiration. Many organizations use password expiration policies to secure Active Directory accounts as part of... Read More
Premier League Clubs May Want to Be Relegated from This Breached Password List
Chelsea, one of England’s most successful football clubs, can add another trophy to their record today, as they rank in first place on Specops’ breached password list. This is according to our new research, ahead of the start of the Premier League 2021 season,... Read More
“User must change password at next logon” feature in Active Directory
The User must change password at next logon setting can be flagged in a couple of different scenarios in Active Directory, including when a user account password has expired, or when an administrator manually sets the flag on an account. Below is an... Read More
Introducing Live Attack Data to Specops Breached Password Protection (plus what passwords you should block right now)
Today, Specops Software released the latest update to its Breached Password Protection list. This release includes, most notably, the addition of passwords observed in real attacks. Prior to this release, Specops Breached Password Protection sources included lists of known... Read More
Pipeline Cybersecurity Initiative best practices
There is no question that ransomware attacks are on the rise. They present what is arguably the most dangerous risk to businesses today when looking at the cybersecurity threat landscape. Recently, a ransomware attack impacted the Colonial Pipeline, one of the largest fuel... Read More
Service account security best practices
There are number of privileges and roles granted to Windows users. However, it’s often necessary to restrict roles to specialized accounts called service accounts. These Active Directory (AD) accounts have deeper access to OS infrastructure, making them both handier and higher-priority... Read More